[funsec] Re: Malware sharing? People are full of shit [was: Get your computer viruses here!]

Drsolly drsollyp at drsolly.com
Thu Dec 29 10:12:30 CST 2005

On Thu, 29 Dec 2005, Aviram Jenik wrote:

> On Thursday, 29 December 2005 00:06, Drsolly wrote:
> > This is the "information should be free argument". The reply to that is
> > "If you believe that, then please post your credit card and identity
> > information on a public site"
> I think this is a completely flawed argument.
> First, "information wants to be free" doesn't imply FORCING people to share 
> information - just ALLOWING them to do so. I don't think Val talked about 
> forcing you to share your malware - he just wants to share his.

But he's exercising a choice about who to share his information with, and 
that's what I'm advocationg. He will share his credit card information 
with his bank, or with people he buys things from. But he won't share it 
with the people on his web site.

> Second, there's a difference between "information" and "personal information". 
> Yes, if you obtained someone's credit card information you should not place 
> it online. That has nothing to do with "information" it has to do with the 
> right for privacy.

But I'm not talking about breaching some third party's privacy. I'm 
explaining why he already exercises discretion in who he shares 
information with.

> So the question becomes is it "right" or "wrong" to share a certain type of 
> information (location of nuclear base plants, the government spending on 
> rebuilding Iraq, exploit code that demonstrate a PoC of a vulnerability, 
> malware that is found in limited circulation). Most of these cases are not 
> 'clear cut' and should not be presented that way ("ethically crippled"? 
> Common, Nick).

More information about the funsec mailing list